Last Month in PHP - June 2012

Last Month in PHP - June 2012

Brief overview of important news stories and happenings in the PHP community in the previous month before this presentation was delivered.

Delivered at Kansas City PHP User Group on June 16, 2012

D3e3f4ac37c02289f5dfed115949fc88?s=128

John Kary

June 16, 2012
Tweet

Transcript

  1. Last Month in PHP June 16, 2012 Kansas City PHP

    User Group John Kary @johnkary
  2. New PHP versions released • PHP 5.4.4 • PHP 5.3.14

    • Security: Heap overflow in phar lib • Security: crypt() fail when encoding key as Unicode string with Standard or Extended DES https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2143 • Fix bug where redefining a private static method with a different method signature in an ancestor class caused crash when E_STRICT error reporting on
  3. New PHP versions released class A { private static function

    test($a) { } } class B extends A { private static function test($a, $b) { } }
  4. MySQL login vulnerability • MySQL <= 5.1.61 • MySQL <=

    5.2.11 • MySQL <= 5.3.5 • MySQL <= 5.5.22 • Ubuntu Linux 64-bit 10.04, 10.10, 11.04, 11.10, 12.04 • OpenSuSE 12.1 64-bit MySQL 5.5.23-log • Debian Unstable 64-bit 5.5.23-2 • Fedora • Arch Linux (unspecified version)
  5. MySQL login vulnerability • 1/256 chance login is successful with

    know username • http://seclists.org/oss-sec/2012/q2/493 • https://community.rapid7.com/community/metasploit/blog/2012/06/11/ cve-2012-2122-a-tragically-comedic-security-flaw-in-mysql for i in `seq 1 1000`; do mysql -u root >> --password=bad -h 127.0.0.1 2>/dev/null; done
  6. Conferences

  7. php|tek 2012 May 22-25, 2012 Chicagoooo http://tek12.phparch.com/

  8. php|tek 2012 The MicroPHP Manifesto (Ed Finkler) Solving the N+1

    Problem (Paul M. Jones) Javascript Best Practices & BackboneJS for the PHP Developer (Ryan Weaver) All Talks & Some Slides: https://joind.in/event/view/958
  9. Symfony Live 2012 - Paris June 7-8, 2012 Paris http://paris2012.live.symfony.com/

    Schedule: http://paris2012.live.symfony.com/speakers Slides: https://gist.github.com/2890651 Symfony Certification via Sensio
  10. Virtual REST Summit by php|architect Live! July 30th, 2012, 12:00

    PM – 4:30 PM EDT Online! $20 tickets - Ends today! http://www.phparch.com/phparchitect-live-presents-virtual-rest-summit/
  11. Virtual REST Summit by php|architect Live! http://www.phparch.com/phparchitect-live-presents-virtual-rest-summit/ • What is

    REST? • HTTP fundamentals, beyond GET and POST • Hypermedia and HATEOAS • REST examples and use cases
  12. New Developments

  13. Zend Framework 1 + Composer http://twitter.com/weierophinney/status/212937337431261186

  14. Zend Framework 1 + Composer http://packagist.org/packages/zendframework/zendframework1

  15. Zend Framework 1 + Composer http://getcomposer.org/

  16. Zend Framework 2 - Beta4 Released Official Announcement Rob Allen’s

    ZF2 Tutorial • Adds support for Composer • Rewritten Form component • Model and Validation are separate
  17. Drupal 8 merges Symfony2 Components http://www.garfieldtech.com/blog/wscci-kernel-merge • HttpKernel • HttpFoundation

    • EventDispatcher
  18. PSR-1 and PSR-2 Ratified Coding standards from the PHP Framework

    Interoperability Group (php-fig) PSR-1 coding standard PSR-2 coding standard PHP Framework Interoperability Group
  19. PSR-1 and PSR-2 Ratified http://xkcd.com/927/

  20. PSR-1 and PSR-2 Ratified • Another standard? Whyyyyy? • It’s

    not necessarily for YOUR codebase • Framework / Library interoperability Auto-fix your code to PSR-1/PSR-2 https://github.com/fabpot/PHP-CS-Fixer Docs: http://cs.sensiolabs.org/
  21. mojoLive Online resume and career management platform

  22. mojoLive Online resume and career management platform

  23. mojoLive Dan Holmes - http://mojolive.com/profile/dan John Kary - http://mojolive.com/profile/johnkary Invite

    Code KANSASCITYPHP http://mojolive.com/signup
  24. fin